Last week's revelation that a Comodo affiliate Registration Authority has been compromised and that nine rogue SSL certificates have been issued for popular domains such as Gmail, Google Search, Yahoo, Skype and Mozilla Add-ons, has reverberated across the Internet.

Questions have been raised about whether the entire online certificate system is deeply flawed, and speculation about the source of the attack has been voiced. According to Comodo, details of the attack seem to point to a state-sponsored effort.

"The attack came from several IP addresses, but mainly from Iran. The attacker was well prepared and knew in advance what he was to try to achieve," Comodo explained. "It does not escape notice that the domains targeted would be of greatest use to a government attempting surveillance of Internet use by dissident groups."

Also, the fact that the perpetrator has focused on the communication infrastructure and can only make use of the certificates if it has control of the DNS infrastructure makes Comodo's researchers believe it was likely a state-driven attack.

But on Saturday, a message posted by the alleged "Comodo Hacker" on Pastebin.com added more fuel to the speculation. By his own admission, the hacker is Iranian, but he claims not to be a member of the Iranian Cyber Army.

He says he is "a single hacker with experience of 1000 hackers" and that Comodo's researchers are wrong in their assumption that a team of hackers was behind the incident.

He says that he first tried to bring down the SSL root certificate system by attacking the RSA algorithm, but after that approach proved too difficult, he decided to use the vulnerabilities in InstantSSL.it - Comodo's partner's website - to access the RA's servers and generate the Certificate Signing Requests submitted to the CA.

Some security researchers believe his claims, and some do not. To prove his claims, the hacker also published part of the decompiled TrustDLL of Comodo's partner that stored the unencrypted password that gave him access.

Still, as Sophos' Chester Wisniewski notes, "If it was a lone hacker making a point, why issue certificates for these specific websites, all related to secure communication methods often used by dissidents to organize protests and share news with the world?"
